Carbon Black adds AWS and container protection to its cloud-native endpoint protection platform

Carbon Black, recently added Amazon Web Services (AWS) and container protection to the company’s cloud-native endpoint protection platform (EPP) provides security and IT teams remote access to cloud workloads and containers running in their environment, making it significantly easier to resolve configuration drift, remediate vulnerabilities in real time, confidently respond to incidents and demonstrate compliance with business policies and industry regulations.

“The industry is quickly moving into the cloud era for endpoint protection and IT operations,”  said Ryan Polk, Carbon Black’s Chief Product Officer. “Carbon Black is proud to be at the front edge for cloud innovation and, with this latest release, our cloud-native EPP is now protecting some of the most important and emerging cloud real estate.”

The release also rounds out Carbon Black’s footprint in covering major operating systems. The cloud workload and container protection capabilities are available from the same universal agent and cloud-native platform protecting Microsoft Windows, macOS and Linux endpoints.

Carbon Black’s cloud-native EPP now supports AWS workloads and nearly every Linux distribution released since 2011. This support extends direct access to more than 1,000 individual system artifacts across all major operating systems, including the ability to check the status of disk encryption, installed applications, kernel integrity, listening network ports, logged in users, OS versions, USB devices and much more.

The latest release provides control over containers running on major operating systems. This means security teams now have access to the running state of container processes, networks, ports, labels, mounts, and more that exist within their environment. With Docker containers continuing to be more prevalent across businesses of all sizes, lack of visibility into this portion of the environment has become an increasingly alarming blind spot for many security teams.

This release gives security administrators the ability to keep an eye on usage metrics and security configurations of containers in their environment. Customers can easily audit and tear down containers: with privileged status, without control systems such as AppArmor, and with processes taking up an abnormally high percentage of resources.

Having easy access to this information allows security teams to move quickly when minimizing potential vulnerabilities or remediating indicators of compromise in those environments.

Polk said, “By consolidating capabilities onto a cloud-native EPP that can give broad protection across the entire environment, your organization can buck the inefficient trends of the past and avoid overextending administrators with tedious tool-management tasks.”